Fedora EPEL 6 Security Update: docker-io-1.4.1-3.el6

Resolved Bugs
1169593 – Creates /.docker
1175144 – docker-io-1.4.1 is available
1173950 – docker-io can’t be installed on rhel 6.5 due to requirement device-mapper-libs >= 1.02.90-1
1173325 – CVE-2014-9357 CVE-2014-9356 CVE-2014-9358 docker-io: various flaws [epel-6]
1172761 – CVE-2014-9356 docker: Path traversal during processing of absolute symlinks
1172782 – CVE-2014-9357 docker: Escalation of privileges during decompression of LZMA archives
1172787 – CVE-2014-9358 docker: Path traversal and spoofing opportunities presented through image identifiers<br
set DOCKER_CERT_PATH outside of sysconfig file
don’t require fish for fish-completion as it’s unavailable
Resolves: rhbz#1175144 – update to 1.4.1
Resolves: rhbz#1173950 remove min version requirements on device-mapper-libs
Security fix for CVE-2014-9357, CVE-2014-9358, CVE-2014-9356

Leave a Reply